IETF Logo Mail Archive

Re: [Cfrg] Wi-Fi Alliance Device Provisioning Protocol (DPP) - Draft Released for Public Review and Comments

Paul Lambert <paul@marvell.com> Wed, 31 August 2016 22:23 UTC

Return-Path: <paul@marvell.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7CEF212D1E3; Wed, 31 Aug 2016 15:23:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FeVQodpE7Ga1; Wed, 31 Aug 2016 15:23:46 -0700 (PDT)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8355212D0B4; Wed, 31 Aug 2016 15:23:46 -0700 (PDT)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.16.0.17/8.16.0.17) with SMTP id u7VMKj5P025643; Wed, 31 Aug 2016 15:23:44 -0700
Received: from sc-exch04.marvell.com ([199.233.58.184]) by mx0a-0016f401.pphosted.com with ESMTP id 2567rf86jw-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 31 Aug 2016 15:23:43 -0700
Received: from SC-EXCH03.marvell.com (10.93.176.83) by SC-EXCH04.marvell.com (10.93.176.84) with Microsoft SMTP Server (TLS) id 15.0.1104.5; Wed, 31 Aug 2016 15:23:42 -0700
Received: from SC-EXCH03.marvell.com ([fe80::6cb0:4dfa:f3f3:b8b6]) by SC-EXCH03.marvell.com ([fe80::6cb0:4dfa:f3f3:b8b6%21]) with mapi id 15.00.1104.000; Wed, 31 Aug 2016 15:23:42 -0700
From: Paul Lambert <paul@marvell.com>
To: Dan Harkins <dharkins@lounge.org>, Andy Lutomirski <luto@amacapital.net>
Thread-Topic: [Cfrg] Wi-Fi Alliance Device Provisioning Protocol (DPP) - Draft Released for Public Review and Comments
Thread-Index: AQHSAxd8feDlzRT1DkO/Rm6efoKJcaBiPCcAgADJ0ICAAGitAIAAig0A//+txgA=
Date: Wed, 31 Aug 2016 22:23:42 +0000
Message-ID: <D3EC8F9E.9C4A3%paul@marvell.com>
References: <b6b2e03faf504238b8681284fc72a1dd@SC-EXCH03.marvell.com> <CALCETrVmSHv9=aNZYudU012UhuSNSJJaZX2CFa++o4nYA=WtPg@mail.gmail.com> <D3EB69B5.9C1EE%paul@marvell.com> <a120d8fb-c493-c6ea-fdd8-8ab9ebb7e5f4@lounge.org> <D3EC658C.9C3D4%paul@marvell.com> <10eef8ba-d20d-47f7-25e6-d9463367f432@lounge.org>
In-Reply-To: <10eef8ba-d20d-47f7-25e6-d9463367f432@lounge.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.6.5.160527
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.94.250.30]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <4986A712BC8D4C42BF02FFAA05F9480C@marvell.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2016-08-31_05:, , signatures=0
X-Proofpoint-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 impostorscore=0 lowpriorityscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1604210000 definitions=main-1608310260
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/JNVRaPhHywalmRmEKLoo-7bmD50>
Cc: "t2trg@irtf.org" <t2trg@irtf.org>, "cfrg@irtf.org" <cfrg@irtf.org>, "adrian.p.stephens@ieee.org" <adrian.p.stephens@ieee.org>, "lear@cisco.com" <lear@cisco.com>
Subject: Re: [Cfrg] Wi-Fi Alliance Device Provisioning Protocol (DPP) - Draft Released for Public Review and Comments
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Aug 2016 22:23:47 -0000


>
>On 8/31/16 12:03 PM, Paul Lambert wrote:
>> Yes, PKEX is not SAE, but they share the same underlying PAKE
>> cryptographic processing
>
>   That is not true. They both use a secret group element that is derived
>from a password but the exchanges are completely different.

Yes - the protocols are very different.

My original point was that it is difficult to fully evaluate PKEX without
having the text for SAE that includes field definitions and important
aspects of the cryptographic processing.

Both PKEX and SAE use the identical textual specification that describes
the hunt-and-peek mapping of a passphrase to a group element.  This
mapping is a fundamental aspect of the PAKE processing and makes SAE and
PKEX both members of the class of PAKE algorithms that operate by the
mapping of a passphrase to a group element (point on ECC curve).

The demonstration of knowledge of this group element is very different for
the two protocols.

Paul

>
>   Dan.
>
>

v2.23.0 | Report a Bug | By Email